Unique Identification Authority of India planning to rollout face authentication for national ID by July 2018
The Unique Identification Authority of India (UIDAI), a statutory body, under the Ministry of Electronics and Information Technology (MeitY), which is responsible for issuing the national ID, Aadhaar, has decided to enable face authentication for the ID.
According to a circular from UIDAI, the use of face authentication will be allowed only in combination with one more authentication factor. This means that face authentication must be combined with either fingerprint or iris or OTP (one-time password) to be able to successfully authenticate an Aadhaar number holder.
Currently, UIDAI provides the fingerprint and iris biometric authentication to select AUAs (Authentication User Agency). Similarly, face authentication shall also be allowed on need basis.
Aadhaar Authentication is the process by which the Aadhaar number, along with the demographic information or biometric information (fingerprint or iris) of an Aadhaar number holder is submitted to the Central Identities Data Repository (CIDR) for its verification. Aadhaar Authentication provides a digital, online identity platform to verify the identity of Aadhaar number holders instantly anytime, anywhere.
Aadhaar has become the primary identity proof used by Indian citizens for accessing a range of services from government as well as non-government entities. Banks, Telecom companies, Public Distribution Systems (India’s food security system), Income Tax, etc. have been mandated through various laws to use Aadhaar for identity verification and de-duplication.
Till data, more than 15 billion authentications have been performed by various Authentication User Agencies (AUAs), out of which more than 10 billion are biometric transactions.
(AUAs are entities engaged in providing Aadhaar Enabled Services to Aadhaar number Holder, using the authentication as facilitated by the Authentication Service Agency (ASA). An AUA may be government / public / private legal agency registered in India, that uses Aadhaar authentication services of UIDAI and sends authentication requests to enable its services / business functions.)
While most of the residents are able to authenticate their identity using fingerprint or iris authentication, some residents face difficulties, in situations such as when fingerprints are not clear and difficult to capture.
At the time of Aadhaar enrolment, photographs of the faces of residents are also captured and the Aadhaar Authentication API already has the technical ability for transmitting photographs of the face (though this option is currently not enabled within CIDR). Therefore, face photos can also be leveraged to verify the identity of a Aadhaar number holder, providing additional option to create inclusive authentication for residents having difficulty with their fingerprints/iris authentication, without the need to capture new reference data at UIDAI CIDR.
Moreover, cameras are now ubiquitous and available on laptops and mobiles making the face capture easily feasible for AUAs without needing any additional hardware. “Liveness” detection can be used as an additional factor to increase security.
UIDAI will work with biometric device providers to integrate the face modality into the certified registered devices and also may provide standalone Registered Device (RD) service as required by the ecosystem. UIDAI will provide Software Development Kits (SDKs) / Registered Device (RD) services in various operating systems which will have the ability to capture face image, check liveness, and create digitally signed and encrypted authentication input (PID block) as required.
When single modality is not working for specific residents, AUAs will be required ensure that they have applications needed to enable face capture via RD service to capture face photo in addition to fingerprint/iris/0TP. They will also have to make the necessary changes, such as doing validation, auditing, etc. on the AUA server side to process the encrypted authentication input.
The Registered Device (RD) Service Providers shall be required to integrate the UIDAI provided face capture SDK into their service and allow applications to use that option whenever required by the AUA application.
UIDAI will share technical documents, software development kits (SDKs), guidelines, and conduct workshops az. training sessions for AUAs and Registered Device (RD) Service Providers to support changer for enabling Face Authentication. The necessary details will be released for implementation by March 1, 2018. Face Authentication as an additional modality to be used in fusion mode along with fingerprints/ iris/ OTP will be available in production for AUAs to use by July 1, 2018.